<?php
/*
 * Session variables:
 * $_SESSION['type'] [string] = user type of the logged in user
 * $_SESSION['authorised'] [boolean] = whether or not the current user is logged in
 * $_SESSION['user'] [string] = the username/ email of the logged in user
 * $_POST['email']
 * $_POST['streetadd1']
 * $_POST['streetadd2']
 * $_POST['cityadd']
 * $_POST['contact_num']
 */
session_start();
if (isset($_SESSION['authorised']) && $_SESSION['authorised'] == true) 
{
    if (isset($_SESSION['type'])) 
    {
        if ($_SESSION['type'] == 'administrator') 
        {
			include('connection.inc');
			$username=$_SESSION['manage_username'];	
			$email = $_POST['email'];
			$streetadd1 = $_POST['streetadd1'];
			$streetadd2 = $_POST['streetadd2'];
			$cityadd = $_POST['cityadd'];
			$contactnum = $_POST['contact_num'];
		 	if($email=='' || $streetadd1=='' || $streetadd2=='' || $cityadd=='' || $contactnum =='')
			{
				$_SESSION['error']='Error in editing profile. Put information in all fields.';
				header('Location:admin_alert.php');
		        exit();
			}
			$sql = "UPDATE users SET username = '$email', streetadd1 = '$streetadd1', streetadd2 = '$streetadd2', cityadd = '$cityadd', contactnum = '$contactnum' WHERE username = '$username';"; 
			$result = pg_query($sql);
			
					header("Location: admin_manageaccounts.php");
					exit();
		}
	    elseif ($_SESSION['type'] == 'student') 
	    {
	    	header('Location: student_index.php');
	        exit();
		}
	    elseif ($_SESSION['type'] == 'tutor') 
	    {
	    	header('Location: tutor_index.php');
	        exit();
		}
		elseif ($_SESSION['type'] == 'parent') 
		{
	    	header('Location: parent_index.php');
	        exit();
	    }
    }
}
 else 
 {
    header('Location: index.php');
 }
?>
